US2019333099A1PendingUtilityA1
Method and system for ip address traffic based detection of fraud
Est. expiryApr 30, 2038(~11.8 yrs left)· nominal 20-yr term from priority
H04L 63/101H04L 63/1425G06Q 30/0246H04L 63/0236G06Q 30/0248
39
PatentIndex Score
0
Cited by
0
References
0
Claims
Abstract
The present disclosure provides a method and system to detect advertisement fraud. The system receives the IP address data which is being used for viewing one or more advertisements published on at least one publisher on one or more media devices. In addition, the system classifies the IP address data into a plurality of classes. Further, the system analyzes abnormal traffic based on a plurality of parameters and the IP address data. Moreover, the system allocates the IP address into a blacklist when score exceeds threshold limit.
Claims
exact text as granted — not AI-modifiedWhat is claimed:
1 . A computer system comprising:
one or more processors; and a memory coupled to the one or more processors, the memory for storing instructions which, when executed by the one or more processors, cause the one or more processors to perform a method for detecting advertisement fraud based on IP address, the method comprising:
receiving, at a fraud detection platform, IP address data being used for viewing one or more advertisements published on at least one publisher on one or more media devices;
classifying, at the fraud detection platform, the IP address data into a plurality of classes, wherein the classification is done based on a plurality of third party databases and device data of the one or more media devices collected from a plurality of sources;
segregating, at the fraud detection platform, the IP address data based on traffic at the IP address, the segregation is done to identify the traffic at the IP address being normal traffic or abnormal traffic, wherein the segregation is done in real time;
analyzing, at the fraud detection platform, the abnormal traffic based on a plurality of parameters and the IP address data, wherein the analysis is done after segregating the IP address based on traffic at the IP address, wherein the analysis is done when a signal generator circuitry embedded inside the one or more media devices generates a signal to trigger one or more hardware components of the one or more media devices;
scoring, at the fraud detection platform, each of the IP address from the IP address data based on the analysis of the abnormal traffic; and
allocating, at the fraud detection platform, the IP address into blacklist when score exceeds threshold limit, wherein the allocation is done in real time.
2 . The computer system as recited in claim 1 , wherein the plurality of sources comprises accelerometer, ambient light sensor, global positioning system sensor, compass, proximity sensor, pressure sensor, operating system and gyroscope.
3 . The computer system as recited in claim 1 , wherein the device data comprises network type, service provider, location, time-stamp, operating system, model number, number of application installed, GPS data, number of application uninstalled and screen size.
4 . The computer system as recited in claim 1 , wherein the plurality of parameters comprises click to install time, time to run, time to load, device load time, redirection time and download time.
5 . The computer system as recited in claim 1 , wherein the plurality of third party databases comprises information regarding the one or more media devices, mobile network, the publisher, network speed, IP frequency, device ID's, publisher information, the blacklist, whitelist.
6 . The computer system as recited in claim 1 , wherein the plurality of classes is based on type of network being used for visiting the one or more advertisements, wherein the plurality of classes comprises home network, shopping mall network, university network, company's network, public network and private network.
7 . The computer system as recited in claim 1 , further comprising
examining, at the fraud detection platform, the user behavior to identify the abnormal traffic based on the device data, the IP address data, the data from the plurality of third party databases and the plurality of parameters, wherein the examination is done to identify the user behavior and detect the abnormal traffic based on the user behavior, wherein examination is done in real time.
8 . The computer system as recited in claim 1 , further comprising
calculating, at the fraud detection platform, the threshold limit based on the IP address data, the device data and the plurality of parameters.
9 . A computer-implemented method for detecting advertisement fraud based on IP address, the computer-implemented method comprising:
receiving, at a fraud detection platform with a processor, IP address data being used for viewing one or more advertisements published on at least one publisher on one or more media devices; classifying, at the fraud detection platform with the processor, the IP address data into a plurality of classes, wherein the classification is done based on a plurality of third party databases and device data of the one or more media devices collected from a plurality of sources; segregating, at the fraud detection platform with the processor, the IP address data based on traffic at the IP address, the segregation is done to identify the traffic at the IP address being normal traffic or abnormal traffic, wherein the segregation is done in real time; analyzing, at the fraud detection platform with the processor, the abnormal traffic based on a plurality of parameters and the IP address data, wherein the analysis is done after segregating the IP address based on traffic at the IP address, wherein the analysis is done when a signal generator circuitry embedded inside the one or more media devices generates a signal to trigger one or more hardware components of the one or more media devices; scoring, at the fraud detection platform with the processor, each of the IP address from the IP address data based on the analysis of the abnormal traffic; and allocating, at the fraud detection platform with the processor, the IP address into blacklist when score exceeds threshold limit, wherein the allocation is done in real time.
10 . The computer-implemented method as recited in claim 9 , wherein the plurality of sources comprises accelerometer, ambient light sensor, global positioning system sensor, compass, proximity sensor, pressure sensor, operating system and gyroscope.
11 . The computer-implemented method as recited in claim 9 , wherein the device data comprises network type, service provider, location, time-stamp, operating system, model number, number of application installed, GPS data, number of application uninstalled and screen size.
12 . The computer-implemented method as recited in claim 9 , wherein the plurality of parameters comprises click to install time, time to run, time to load, device load time, redirection time and download time.
13 . The computer-implemented method as recited in claim 9 , wherein the plurality of classes is based on type of network being used for visiting the one or more advertisements, wherein the plurality of classes comprises home network, shopping mall network, university network, company's network, public network and private network.
14 . The computer-implemented method as recited in claim 9 , wherein the plurality of third party databases comprises information regarding the one or more media devices, mobile network, the publisher, network speed, IP frequency, device ID's, publisher information, the blacklist, whitelist.
15 . The computer-implemented method as recited in claim 9 , further comprising
examining, at the fraud detection platform with the processor, the user behavior to identify the abnormal traffic based on the device data, the IP address data, the data from the plurality of third party databases and the plurality of parameters, wherein the examination is done to identify the user behavior and detect the abnormal traffic based on the user behavior, wherein examination is done in real time.
16 . The computer-implemented method as recited in claim 9 , further comprising
calculating, at the fraud detection platform with the processor, the threshold limit based on the IP address data, the device data and the plurality of parameters.
17 . A non-transitory computer-readable storage medium encoding computer executable instructions that, when executed by at least one processor, performs a method for detecting advertisement fraud based on IP address, the method comprising:
receiving, at a computing device, IP address data being used for viewing one or more advertisements published on at least one publisher on one or more media devices; classifying, at the computing device, the IP address data into a plurality of classes, wherein the classification is done based on a plurality of third party databases and device data of the one or more media devices collected from a plurality of sources; segregating, at the computing device, the IP address data based on traffic at the IP address, the segregation is done to identify the traffic at the IP address being normal traffic or abnormal traffic, wherein the segregation is done in real time; analyzing, at the computing device, the abnormal traffic based on a plurality of parameters and the IP address data, wherein the analysis is done after segregating the IP address based on traffic at the IP address, wherein the analysis is done when a signal generator circuitry embedded inside the one or more media devices generates a signal to trigger one or more hardware components of the one or more media devices; scoring, at the computing device, each of the IP address from the IP address data based on the analysis of the abnormal traffic; and allocating, at the computing device, the IP address into blacklist when score exceeds threshold limit, wherein the allocation is done in real time.Cited by (0)
No later patents cite this yet.
References (0)
No backward citations on record.